One-Click Auth / SIWE
AppKit provides a simple solution for integrating with "Sign In With Ethereum" (SIWE), a form of authentication that enables users to control their digital identity with their Ethereum account. SIWE is a standard also known as EIP-4361.
One-Click Auth
One-Click Auth represents a key advancement within WalletConnect v2, streamlining the user authentication process in AppKit by enabling them to seamlessly connect with a wallet and sign a SIWE message with just one click. Connecting a wallet, proving control of an address with an off-chain signature, authorizing specific actions. These are the kinds of authorizations that can be encoded as "ReCaps". ReCaps are permissions for a specific website or dapp that can be compactly encoded as a long string in the message you sign and translated by any wallet into a straight-forward one-sentence summary. WalletConnect uses permissions expressed as ReCaps to enable a One-Click Authentication.
Configure your AppKit Client
To integrate SIWE with AppKit, you need to configure your AppKit client using AuthRequestParams
, which are required to create a SIWE message for the user to sign:
AppKit.configure(
...
authRequestParams: authRequestParams,
...
)
#### Example of AuthRequestParams
```swift
extension AuthRequestParams {
static func stub(
domain: String = "yourDappDomain.com",
chains: [String] = ["eip155:1", "eip155:137"],
nonce: String = "uniqueNonce",
uri: String = "https://yourDappDomain.com/login",
statement: String? = "I accept the Terms of Service: https://yourDappDomain.com/tos",
resources: [String]? = nil, // Here your dapp may request authorization with ReCaps
methods: [String]? = ["personal_sign", "eth_sendTransaction"]
) -> AuthRequestParams {
return try! AuthRequestParams(
domain: domain,
chains: chains,
nonce: nonce,
uri: uri,
statement: statement,
resources: resources,
methods: methods
)
}
}
Configuring your AppKit client with AuthRequestParams will prioritize authentication requests over regular session proposals. If the wallet supports One-Click Auth, the session will be created and the user will automatically authenticate without needing to send another SIWE request over personal_sign. If the wallet does not support One-Click Auth, it will fall back to the session proposal. In this case, to authenticate the user, you can send another session request to prove address ownership.
To check whether the user has signed a SIWE message, subscribe to authResponsePublisher:
AppKit.instance.authResponsePublisher.sink { (id, result) in
switch result {
case .success((session, cacaos)):
// User has authenticated
...
}
}
Link Mode
The latest release of AppKit supports link mode, a low latency mechanism for transporting 1-click auth requests and session requests over universal links, eliminating the need for a WebSocket connection with the Relay. This significantly enhances the user experience when connecting native dApps to native wallets by reducing the latency associated with networking connections, especially when the user has an unstable internet connection.
To support link mode, configure your AppMetadata.Redirect with a valid universal link and set the linkMode property to true:
let metadata = AppMetadata(
...
redirect: try! AppMetadata.Redirect(native: "exampleApp://", universal: "https://example.com/example_dapp", linkMode: true)
)
AppKit.configure(
...
metadata: metadata,
...
)
For more information on how to configure universal links for your app, refer to the Apple Documentation.
For a debugging guide, visit the Debugging Universal Links page.
Once link mode is configured, your dApp will connect and send requests to wallets via universal links after receiving proof from the wallet that it also supports link mode.
The wallet will also send responses using universal links. Your app needs to pass these responses to the AppKit client so it can process them.
AppKit.instance.handleDeeplink(url)